As a teaser to my presentation at SecureWorld - Dallas last week, I did a brief interview with SecureWorld and talked about three of the points I would make in my lunch keynote, The Legal Case for Cybersecurity. If you're going to SecureWorld - Denver next week, join me for the lunch keynote on Thursday (11/2) … Continue reading 3 Legal Points for InfoSec Teams to Consider Before an Incident
In my newsfeed are articles in prominent publications discussing the problems with the federal Computer Fraud and Abuse Act from very different perspectives. In the "the CFAA is dangerous for security researchers" corner we have White Hat Hackers and the Internet of Bodies, in Law360, discussing how precarious the CFAA (and presumably, the state hacking laws … Continue reading What do we in the United States really want from our cyber laws?
The US House of Representatives has passed legislation similar to that recently passed by the Senate that would require the National Institute of Standards and Technology (NIST) to produce cybersecurity guidance that will be aimed at helping small businesses. The NIST Small Business Cybersecurity Act of 2017 would include NIST’s creating guidelines, tools, and best … Continue reading NIST Cybersecurity Guidance for Small Business Likely Forthcoming
This is intended to be an old-fashioned "blog" about thoughts on the Equifax data breach. It will be ongoing so please check back regularly. Topics Media interviews and commentary We are seeing shame hacking taken to a new level Will I lead a consumer class action lawsuit against Equifax? Lawsuits and investigations against Equifax What … Continue reading Musings about the Equifax Data Breach
On August 1, 2017, the Senate Cybersecurity Caucus introduced the "Internet of Things (IoT) Cybersecurity Improvement Act of 2017," bi-partisan legislation focused on establishing minimum security requirements for the federal procurement of Internet connected devices (#IoT). The legislation is directed at vendors who supply IoT devices to the federal government. It requires that such products are … Continue reading IoT Cybersecurity Improvement Act of 2017 proposed by Senate Cybersecurity Caucus